Read Part One of the author's series, "Brazil Cleans Up Its Act with New Anti-bribery and Corruption Law" here.

By Gabriela Roitburd

The passing of Brazil’s Clean Companies Act shows that the country is committed to confronting bribery and corruption. Similar in some respects to US and UK law, the Act holds companies liable for bribery and corruption in Brazil, as well as overseas. To ensure compliance, companies subject to the law need an effective company-wide anti-bribery and corruption program.

The clock is ticking. On January 29, 2014, Brazil’s Clean Companies Act takes effect. Between now and then, Brazilian based companies, and multinationals with a connection to the Brazilian market, must revisit their existing anti-bribery and corruption programs, or begin preparations to create a program from scratch.

For companies that have yet to develop an anti-bribery and corruption program for the Brazilian market, a number of short-term challenges exist. Ensuring that employees and executives are aware of the law and its ramifications is critical to improving a company’s ability to comply with the Act.

With careful planning, and the commitment of the appropriate resources, companies can deploy a credible and defensible program that ensures compliance with Brazilian law, as well as the US Foreign Corrupt Practices Act (FCPA), and the UK’s Bribery Act.

Corruption within Brazil

A study by the Industries Federation of São Paulo State estimates that corruption costs Brazil’s economy BR$ 41.5 billion a year (US$18.4 billion), or 1.38 percent of the country’s GNP. Transparency International’s Corruption Perceptions Index, which measures the perceived levels of public sector corruption around the world, assigns Brazil a score of 43, on a scale from 0 (highly corrupt) to 100 (very clean). The United States and the United Kingdom receive scores of 73 and 74 respectively.

Brazil is a very bureaucratic country, and it is impossible for any company to function without interfacing with government employees. Depending on the type of operations within the Brazilian market, some companies will have more interactions with government officials than others, and therefore, be more susceptible to involvement in bribery and corruption.

Regulatory cooperation on a global scale

With the Clean Companies Act scheduled to take effect at the beginning of 2014, companies must begin taking steps to assess their overall compliance risk, as well as develop plans to bridge any gaps that may exist. Given that the Clean Company Act holds companies liable for bribery and corruption committed overseas, companies can expect Brazil to cooperate more with US and UK regulatory authorities than it does today.

For multinational corporations already subject to the FCPA, or the UK Bribery Act, complying with the Clean Companies Act will require adjusting their current program to reflect the requirements of the Brazilian law. For example, even though Brazil does not have specific data protection laws in place, there are general provisions regarding data privacy embedded in a few civil and criminal laws and even in Brazil’s constitution. For instance, criminal investigators cannot conduct a wire tape without a court warrant. When it comes to the corporate world, there are some restrictions that should be observed by the employers and their consultants that mostly come from case laws such as the ones related to the monitoring of the company`s systems.

Why third party compliance matters

Given the lack of scrutiny and enforcement relating to bribery and corruption to date, a multinational may face challenges in convincing Brazilian employees of the inherent risks associated with third parties. Since the Clean Companies Act shares similarities with the FCPA and UK Bribery Act, companies should assume that Brazilian authorities will focus their efforts in a similar manner, which routinely includes extensive scrutiny of third parties.

Convincing a Brazilian company or a subsidiary of a multinational to monitor their third parties, which includes the targets of acquisition and their affiliates, joint venture partners, vendors, suppliers, distributors, agents and consultants providing marketing, sales, licensing, import/export or other services, may prove challenging –– at least initially. However, by providing executives with previous cases from enforcement actions under the FCPA and UK Bribery Act, they will see clear evidence that regulatory authorities often target the actions of third parties.

There are a number of elements involved in managing third party populations from effective contracting and attestations, to policy training and conducting due diligence. The most significant, and often repeated mistake companies make involves failing to conduct sufficient risk-based third party due diligence. Employing a “check the box” approach is particularly problematic as it often results in an incomplete picture of potential third parties’ ownership structure and operating history, etc., and consequently, compliance–related risk may actually increase, instead of decrease.

A sense of urgency

How aggressively Brazilian authorities will enforce the Act, and in which areas they will focus their efforts remains to be seen. It will also take time to address aspects of the law that remain unclear, or overly burdensome. However, given the similarities between the Clean Companies Act, the FCPA and UK’s Bribery Act, companies subject to the new law can expect increased scrutiny of third parties, specifically how they were selected, as well as the people, processes and technology that exist to monitor compliance over time.

Executives must understand the benefits that a robust third party due diligence program provides the company, its employees and shareholders. In addition to minimizing the risk of regulatory action, it may also create a competitive advantage in relation to companies that are unable to screen their potential suppliers and partners, etc.

By deploying a company–wide program that addresses third party compliance, companies can reduce the odds that they will provide Brazilian authorities with an opportunity to showcase their newly found commitment to preventing bribery and corruption.

Author:

Lawyer Gabriela Roitburd is a member of the São Paulo Chapter of the Brazilian Bar Association and a compliance consultant for STEELE CIS clients operating in Brazil. She has over 10 years of in-house experience in large multinational companies in the consumer, medical-device and pharmaceutical segments. This year, she completes two, two-year terms as a member of the Ethics Committee of the Brazilian Association of High-Technology Industry of Medical Equipment, Products and Devices – ABIMED. groitburd@wwsteele.com